In re Application of: Swift et al. 
Application No.: 09/490,199 

Remarks 

In the application, claims 1 through 12 are pending. No claims currently stand allowed. 

The Office Action dated October 24, 2003, has been carefiiUy considered. The Office 
Action rejects claims 1 and 2 under 35 U.S.C. § 102(e) as anticipated by U.S. Patent 6,298,383 
("Gutman"). Claims 3 through 10 are rejected under 35 U.S.C. § 103(a) as obvious in Ught of 
Gutman and U.S. Patent 5,913,025 ("Higley"). Claims 1 1 and 12 are rejected as obvious in light of 
Higley, Gutman, and U.S. Patent 6,198,824 ("Shambroom"). Claims 13 through 15 are rejected as 
obvious in Ught of Higley and U.S. Patent 5,623,601 ("Vu"). Claim 16 is rejected as obvious in light 
of Higley, Vu, and U.S. Patent 6,081,900 ("Subramaniam"). Finally, claim 17 is rejected as obvious 
in light of Higley, Vu, and Gutman. 

As required by the Examiner, the Abstract is amended to bring its word count down to 1 50. 

The present application and Gutman both describe proxy authorization schemes. However, 
the details of these schemes are quite different. Some confusion may arise from the different 
meanings of the key word "user" in the present application and in Gutman. In the present 
application, the "user" has rights to access a target service. A "proxy client" v^shes to use those 
rights to access the service. In Gutman, on the other hand, the rights are originally owned by the 
"domain." Gutman' s "user" wishes to use those rights to access a target service. Thus, Gutman' s 
"user" corresponds roughly to the present application's "proxy client." For clarity's sake, the 
remainder of this discussion uses the terminology of the present application. 

With this distinction in terminology in mind, the differences between Gutman and the 
present invention become clearer. For example, the following elements of claims 1, 6, and 9 are not 
anticipated by Gutman: 

Claim 1: submitting, by the proxy client, a proxy request to the trusted 
security server requesting access to the target service on behalf of 
the user; 

Claim 6: receiving a proxy request from the proxy client to access a target 
service on behalf of the user; 

Claim 9: A computer-readable medium as in claim 6, having further 
computer-executable instructions for performing the step of 
sending the data structure to the proxy client for presenting to the 
target service for authentication of the proxy client. 
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(Emphasis added.) In Gutman, the proxy client (Gutman's "user") does not submit a proxy request 
to the security server. Rather, the target service submits the request. This distinction is one basis for 
the heightened security awareness of the scheme of the present invention as described, e.g., on page 
10, line 22, through page 11, line 26, of the present specification. 

Other elements of claim 1 are not anticipated by Gutman. For example, Gutman's proxy 
authorization simply allows or denies access to the proxy client and cannot allow limited access 
because its registered proxy information does not contain claim 1 's "extent of proxy authorization." 
This element is described in the present specification on page 11, line 20, through page 12, line 22. 

Claim 1 1 's security exchange is based on a shared secret key which is not disclosed by 
Gutman. In particular, the following elements are not anticipated by Gutman: 

Claim 1 1 : receiving from the trusted security server a session key encrypted 
with a shared secret key shared by the client and the trusted 
security server and a ticket for accessing the target service; 

decrypting the session key with the shared secret key; 

(Emphasis added.) Other examples could be given. 

In sum, the cited art simply does not show every element of the currently pending 
independent claims (1,6, and 1 1). Thus, the cited art neither anticipates nor renders obvious these 
independent claims. As all other currently pending claims depend from these claims, applicants 
request that the rejections be v^thdrawn and that all currently pending claims be allowed. 

Conclusion 

The application is considered in good and proper form for allowance, and the Examiner is 
respectfully requested to pass this application to issue. If, in the opinion of the Examiner, a 
telephone conference would expedite the prosecution of the subject application, the Examiner is 
invited to call the undersigned attomey. 
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Date: April 19, 2004 



Respectfully submitted, 

John T. Bretscher, Reg. No. 52,651 
One of the Attorneys for Applicants 
LEYDIG, VOIT & MAYER, LTD. 
Two Prudential Plaza, Suite 4900 
180 North Stetson 
Chicago, Illinois 60601-6780 
(312)616-5600 (telephone) 
(312)616-5700 (facsimile) 
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